Repository logo
 

Techniques and countermeasures of TCP/IP OS fingerprinting on Linux Systems

dc.contributor.advisorVorster, Luke Anthony.
dc.contributor.advisorErwin, David.
dc.contributor.authorStopforth, Riaan.
dc.date.created2007
dc.date.issued2007
dc.descriptionThesis (M.Sc. - Computer)-University of KwaZulu-Natal, Durban, 2007.
dc.description.abstractPort scanning is the first activity an attacker pursues when attempting to compromise a target system on a network. The aim is to gather information that will result in identifying one or more vulnerabilities in that system. For example, network ports that are open can reveal which applications and services are running on the system. How a port responds when probed with data can reveal which protocol the port utilises and can also reveal which implementation of that protocol is being employed. One of the most valuable pieces of information to be gained via scanning and probing techniques is the operating system that is installed on the target. This technique is called operating system fingerprinting. The purpose of this research is to alert computer users of the dangers of port scanning, probing, and operating system fingerprinting by exposing these techniques and advising the users on which preventative countermeasures to take against them. Analysis is performed on the Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Protocol (IPv4 and IPv6), and the Internet Control Message Protocol (ICMPv4 and ICMPv6). All the software used in this project is free and open source. The operating system used for testing is Linux (2.4 and 2.6 kernels). Scanning, probing, and detection techniques are investigated in the context of the Network Mapper and Xprobe2 tools.
dc.identifier.urihttp://hdl.handle.net/10413/458
dc.language.isoenen_US
dc.subjectTCP/IP (Computer network protocol)en_US
dc.subjectComputer pattern recognition.en_US
dc.subjectDissertations, Academic--University of KwaZulu-Natal (Westville).
dc.titleTechniques and countermeasures of TCP/IP OS fingerprinting on Linux Systemsen_US
dc.typeThesisen_US

Files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Stopforth_R_2007_Thesis.pdf
Size:
836.68 KB
Format:
Adobe Portable Document Format

License bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.86 KB
Format:
Item-specific license agreed upon to submission
Description: